Security

We strongly recommend that you use only secure network connections to access your account(s) on remote machines. Many Stanford computers will not accept insecure connections over which your password travels unencrypted. Most Stanford computers accept ssh connections.

If you use a version of SSH that supports port forwarding, you can run X Windows applications securely on your computer.

Obtaining Secure Connection Software

Note that there are two SSH protocols: SSH1 and SSH2. The client programs below may support one or both of these. All of the systems in the Computer Science Department support SSH2, but many other Stanford systems do not. (The following programs are free, or have been licensed by Stanford for use by faculty, staff and students. There are commercial implementations of SSH that can be purchased.)

Frequently Asked Questions

Q. Is it possible to use RSA public keys to ssh into xenon? I've tried copying my RSA public key to my ~/.ssh/authorized_keys and ~/.ssh/authorized_keys2 files, but to no avail; ssh into xenon still prompts for regular password authentication. Is RSA authentication disabled in sshd? Or perhaps is there AFS acl setting that I'm missing?

A. No. Even if it were, you wouldn't have access to your files after logging into xenon without a password, because you need kerberos tickets to get AFS tokens which are necessary for file access. However, if you have a CS kerberos ticket on your originating host and are using an ssh with GSSAPI enabled, you should be able to ssh to xenon without a password.